Threat and Vulnerability Manager

In this role, you will oversee and continuously improve the management of vulnerability assessments across our hybrid IT environment. Using a risk-based, threat-informed approach, you will prioritise remediation efforts and work closely with stakeholders to enhance the security posture of our systems and services.

Vulnerability Management (Primary Focus)

• Lead and improve the organisation's vulnerability management programme across a hybrid IT environment, including infrastructure and applications.
• Oversee penetration testing activities, including scoping, prioritisation, stakeholder engagement, and remediation tracking.
• Assess and prioritise vulnerabilities using a risk-based, threat-informed approach aligned with business, regulatory, and audit requirements.
• Manage the full vulnerability lifecycle, including triage, mitigation planning, remediation guidance, and coordination with relevant teams.
• Develop and maintain policies, procedures, standards, and best practice guidance.

Threat Intelligence

• Produce tactical, operational, and strategic threat intelligence assessments using internal, commercial, open-source, and external partner intelligence sources.
• Support intelligence-sharing initiatives and strengthen overall cyber intelligence capability.
• Provide timely analysis of emerging threats and the wider threat landscape.

Cyber Risk Management

• Support cyber risk management activities through risk and threat assessments aligned with regulatory and security standards.
• Provide practical, proportionate security advice to stakeholders.

Reporting & Metrics

• Develop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions.

Incident Response Support

• Support and enhance incident response processes.
• Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence and threat-hunting activities.

• Strong experience in vulnerability management, threat intelligence, and security operations within complex enterprise environments.
• Experience managing penetration testing programmes.
• Understanding of secure development practices and security testing within the software development lifecycle (SDLC).
• Broad technical knowledge of hybrid/cloud infrastructure, identity management, and application security.

28.9% pension & Flexi-working

The Opportunity

Yolk Recruitment Public Sector & Not-for-Profit team has partnered with a specialised Civil Service Organisation who are presently undergoing an interesting transformation into the cloud space., * Salary: £55,000

• Full Flexi-Time - Work your 37.5 hours on any schedule between 5am and 10pm
• Accrued Time - If you work 37.5 hours in 4 days, you can have the fifth day off
• Unlimited Pluralsight learning videos
• 25 Days annual leave PLUS Bank Holidays (Increasing to 30 days)

Think this one's for you

If you think this Threat and Vulnerability Manager opportunity is for you then please apply online.

Yolk Public Sector & Not-for-Profit team works with organisations across the UK to fulfil their recruitment needs and to achieve their D&I objectives. We recruit temporary, contract and permanent hires for 1 off specialist needs or for volume campaigns. We support our applicants to navigate the public sector recruitment processes and secure their dream jobs.